
Development with Docker / Kubernetes in the Cloud Native Era, Developers Summit 2019 at 02/14 / devsumi2019_amsy810_k8s

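Container technologies such as Docker are now in wide use, and with GCP, Azure and AWS all having released managed services, Kubernetes can be called the de facto standard container orchestration engine.
This talk covers why Kubernetes is needed, its features and concepts, the problems it solves, and how Kubernetes works as a distributed system. It also introduces the ideas of "Cloud Native" and "microservices", which cannot be separated from container-based development, along with recent technology trends around Kubernetes and its future prospects.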

Masaya Aoyama
CyberAgent, Inc.
Adtech Division, Infrastructure Engineer
Cloud Native Days Tokyo Co-chair / Japan Container Days Executive Committee member / Cloud Native Meetup Tokyo Organizer / Kubernetes Meetup Tokyo Organizer / KubeCon Japanese attendees' meetup Organizer

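Adtech Division, CyberAgent, Inc. Joined as a new graduate in 2016. Built a private cloud on OpenStack and a GKE-compatible container platform from scratch, and gave a keynote at a conference in Japan. He then became the 2nd person in the world to earn the Certified Kubernetes Application Developer certification and the 138th to earn the Certified Kubernetes Administrator certification. Author of "Kubernetes完全ガイド" (Kubernetes Complete Guide). He currently contributes to OSS such as Kubernetes and OpenStack, and is also active in the community as Cloud Native Days Tokyo Co-chair, Organizer of the CNCF-official Cloud Native Meetup Tokyo, and a member of the team running Japan Container Days.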

Masaya Aoyama (@amsy810)

February 14, 2019

Transcript

  1. Masaya Aoyama
    CyberAgent adtech studio
    Development with Docker / Kubernetes
    in the Cloud Native Era
    Developers Summit 2019 at 02/14
    Slides: http://bit.ly/devsumi 2019 k8s
    MasayaAoyama @amsy810

  2. Masaya Aoyama (@amsy810)
    Infrastructure Engineer
    Japan Container Days v18.04 Keynote
    AWS Dev Day Tokyo
    IBM Think Japan
    CKA #138
    CKAD #2

    Co-chair - Cloud Native Days Tokyo (Japan Container Days)
    Organizer - Cloud Native Meetup Tokyo
    Organizer - Kubernetes Meetup Tokyo
    Organizer - KubeCon Japanese attendees' meetup
    Contribute to OpenStack and Kubernetes



  3. Kubernetes


  4. Instagramable
    Kubernetes

  5. Agenda
    • Cloud Native and Kubernetes
    • Microservice and Service Mesh
    • Container and Docker
    • Kubernetes Overview
    • What is Kubernetes doing
    • Kubernetes is Framework and Distributed System
    • CI/CD with Kubernetes/Docker
    • Future of Kubernetes

  6. Cloud Native and Kubernetes
    What is Kubernetes? What is Cloud Native?

  7. CNCF and
    The Linux Foundation
    • Kubernetes, The Linux Foundation, CNCF

  8. Cloud Native
    Cloud native technologies empower organizations to build and run scalable
    applications in modern, dynamic environments such as public, private, and hybrid
    clouds. Containers, service meshes, microservices, immutable infrastructure, and
    declarative APIs exemplify this approach.
    These techniques enable loosely coupled systems that are resilient, manageable,
    and observable. Combined with robust automation, they allow engineers to make
    high-impact changes frequently and predictably with minimal toil.
    The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by
    fostering and sustaining an ecosystem of open source, vendor-neutral projects. We
    democratize state-of-the-art patterns to make these innovations accessible for
    everyone.
    CNCF Cloud Native Definition v1.0, CNCF, 2018-11-28
    (https://github.com/cncf/toc/blob/master/DEFINITION.md)

  9. Cloud Native
    Cloud native technologies empower organizations to build and run scalable
    applications in modern, dynamic environments such as public, private, and hybrid
    clouds. Containers, service meshes, microservices, immutable infrastructure, and
    declarative APIs exemplify this approach.
    These techniques enable loosely coupled systems that are resilient, manageable,
    and observable. Combined with robust automation, they allow engineers to make
    high-impact changes frequently and predictably with minimal toil.
    The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by
    fostering and sustaining an ecosystem of open source, vendor-neutral projects. We
    democratize state-of-the-art patterns to make these innovations accessible for
    everyone.
    CNCF Cloud Native Definition v1.0, CNCF, 2018-11-28
    (https://github.com/cncf/toc/blob/master/DEFINITION.md)
    Open
    Scalable

  10. Kubernetes is key product for Cloud Native Computing
    Cloud Native Ecosystem


  12. Cloud Native




  13. Microservice and Service Mesh
    Benefit of Microservice and Service Mesh







  14. Microservice Architecture


    [Diagram: ProductPage, Reviews, Details, Ratings; links labelled HTTP/gRPC]
    Bookinfo Application, Istio, 2018-11-28
    (https://istio.io/docs/examples/bookinfo/)

  15. Benefit of Microservice
    Golang
    Java
    Scala
    gRPC
    REST

  16. Benefit of Microservice
    Developer

  17. Benefit of Microservice

  18. Benefit of Microservice

  19. Benefit of Microservice

  20. 500+ microservices
    The Case for Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos)
    The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/)

  21. 500+ microservices
    The Case for Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos)
    The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/)
    Can we get Observability?

  22. Service Mesh Architecture (generally)
    • Microservice
      [Diagram: App a, App b, App c]
    • Microservice with Service Mesh
      [Diagram: App a, App b, App c, each with a Proxy]

  23. Service Mesh
    • Microservice

    [Diagram: App a, App b, App c, each with a Proxy]

  24. Service Mesh
    • Traffic Shifting (ex, Canary release)
    [Diagram: App a, App b1, App b2, each with a Proxy; traffic split 99 % / 1 %]

  25. Service Mesh
    • Circuit Break
    • Fault Injection
    • Rate Limit
    • Retry
    • mTLS
    [Diagram: App a, App b, App c, each with a Proxy]

  26. Microservice / Service Mesh


  27. Micro Service

    VM …


  28. Container / Docker
    Benefit of Container / Docker





  29. Container
    System Container
    • KVM, Xen
    • init
    Application Container

  30. Docker
    • Docker, Application Container
    • DevOps
    • Moby
    containerd

  31. Dockerfile Docker Image
    FROM centos:7
    RUN yum -y install epel-release
    RUN yum -y install nginx
    COPY nginx.conf /etc/nginx/
    ENTRYPOINT ["nginx", "-g", "daemon off;"]
    Build Once, Run Anywhere

    Docker Image
    Dockerfile


  32. $ docker build . -t sample-image
    Sending build context to Docker daemon 252.9kB
    Step 1/5 : FROM centos:7
    ---> 75835a67d134
    75835a67d134
    sample-image


  33. $ docker build . -t sample-image
    Sending build context to Docker daemon 252.9kB
    Step 1/5 : FROM centos:7
    ---> 75835a67d134
    Step 2/5 : RUN yum -y install epel-release
    ---> Running in 9db248fc7b9a
    ...
    Removing intermediate container 9db248fc7b9a
    ---> 2fe5a7f8c007
    75835a67d134
    2fe5a7f8c007
    sample-image


  34. $ docker build . -t sample-image
    Sending build context to Docker daemon 252.9kB
    Step 1/5 : FROM centos:7
    ---> 75835a67d134
    Step 2/5 : RUN yum -y install epel-release
    ---> Running in 9db248fc7b9a
    ...
    Removing intermediate container 9db248fc7b9a
    ---> 2fe5a7f8c007
    Step 3/5 : RUN yum -y install nginx
    ---> Running in 0547bd920b0a
    ...
    Removing intermediate container 0547bd920b0a
    ---> 843b47a96c5e
    75835a67d134
    2fe5a7f8c007
    843b47a96c5e
    sample-image


  35. $ docker build . -t sample-image
    Sending build context to Docker daemon 252.9kB
    Step 1/5 : FROM centos:7
    ---> 75835a67d134
    Step 2/5 : RUN yum -y install epel-release
    ---> Running in 9db248fc7b9a
    ...
    Removing intermediate container 9db248fc7b9a
    ---> 2fe5a7f8c007
    Step 3/5 : RUN yum -y install nginx
    ---> Running in 0547bd920b0a
    ...
    Removing intermediate container 0547bd920b0a
    ---> 843b47a96c5e
    Step 4/5 : COPY nginx.conf /etc/nginx/
    ---> fe63b2d4c95d
    75835a67d134
    2fe5a7f8c007
    843b47a96c5e
    fe63b2d4c95d
    sample-image


  36. $ docker build . -t sample-image
    Sending build context to Docker daemon 252.9kB
    Step 1/5 : FROM centos:7
    ---> 75835a67d134
    Step 2/5 : RUN yum -y install epel-release
    ---> Running in 9db248fc7b9a
    ...
    Removing intermediate container 9db248fc7b9a
    ---> 2fe5a7f8c007
    Step 3/5 : RUN yum -y install nginx
    ---> Running in 0547bd920b0a
    ...
    Removing intermediate container 0547bd920b0a
    ---> 843b47a96c5e
    Step 4/5 : COPY nginx.conf /etc/nginx/
    ---> fe63b2d4c95d
    Step 5/5 : ENTRYPOINT ["nginx", "-g", "daemon off;"]
    ---> Running in 876ee4d29339
    Removing intermediate container 876ee4d29339
    ---> b5068171c053
    75835a67d134
    2fe5a7f8c007
    843b47a96c5e
    fe63b2d4c95d
    b5068171c053
    sample-image


  37. Docker


    • Read Write
    • Read Only




  38. 5: ENTRYPOINT ["/usr/sbin/nginx", "-g", "daemon off;"]
    5: ENTRYPOINT ["nginx", "-g", "daemon off;"]

  39. Ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
    Ref: https://12factor.net/
    Part of Docker Container Best Practice
    • Immutable Infrastructure
    • etc

  40. Container / Docker
    VM …
    • Immutable Infrastructure





  42. Kubernetes Overview
    Promote Cloud Native







  43. Docker Swarm mode
    Container Orchestration Engine


  44. Container Orchestration Engine

  45. Container Orchestration Engine

  46. CNCF Standardization
    01. OCI v1.0
    02. CRI
    03. CSI
    04. CNI


  47. Kubernetes Docker

    Kubernetes


    CRI
    • docker
    • cri-o
    • containerd
    OCI
    • runC
    • gVisor
    • Kata Containers
    • Nabla Containers
    • Firecracker

  48. What is Kubernetes doing?
    Declarative Code & APIs
    Self-Healing
    Automation & Immutable Infrastructure

  49. Kubernetes
    Design Principles, Kubernetes Community, 2017-11-04
    (https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/principles.md)
    01 Declarative Code & API
       Manifests, API, Infrastructure as Code
    02 Self Healing
    03 Automation & Immutable Infrastructure

  50. Declarative Code and APIs
    Developer
    Register
    YAML Manifest
    Kubernetes Cluster

    Manifests API
    Infrastructure as Code
    $ kubectl apply -f manifest.yaml

  51. Pod








  52. Load Balancer


  53. ReplicaSet Self-Healing
    • ReplicaSet Replica

    • = Node Node


  54. ReplicaSet Rolling Update (Automation)
    • Immutable Infrastructure
    Load Balancer
    Developer
    Deployment

  55. ReplicaSet Rolling Update (Automation)
    • Immutable Infrastructure
    Load Balancer

  56. ReplicaSet Rolling Update (Automation)
    • Immutable Infrastructure
    Load Balancer

  57. ReplicaSet Rolling Update (Automation)
    • Immutable Infrastructure
    Load Balancer

  58. Key points
    • Kubernetes, Google, Borg, OSS
    • YAML
    → Infrastructure Engineer (Ops)
      Server-side Engineer (Dev)

  59. Kubernetes is Framework
    and Distributed System
    Custom Resource Definition


  60. Kubernetes
    Developer





  61. Kubernetes
    Developer

  62. Kubernetes
    Developer
    1.
    2.
    3.
    → Control Loop

  63. Developer
    1.
    2.
    3.
    → Control Loop

  64. ReplicaSet
    Developer
    Pod
    1.
    2.
    3.
    → Control Loop

  65. Custom Resource Definition
    Developer





    1.
    2.
    3.
    → Control Loop


  66. Custom Resource Definition
    Developer




  67. Custom Resource Definition
    Developer

    Kubernetes Pod
    Queue


  68. Kubernetes is more extensible
    Kubernetes
    Boring Kubernetes

  69. Kubernetes is more extensible

  70. CI/CD with Kubernetes / Docker
    How to build CI/CD pipelines?

  71. GitOps Overview




    [Diagram labels: Developer, CI, CD, Kubernetes]
    GitOps, Weaveworks, 2018-11-28
    (https://www.weave.works/technologies/gitops/)

  72. GitOps – PR


    CD Kubernetes


  73. GitOps - Staging

    [Diagram labels: Developer, CI, CD, staging branch, master branch, (staging), (production), Staging, Production]

  74. GitOps - Production

    [Diagram labels: Developer, CI, CD, staging branch, master branch, (staging), (production), Staging, Production]

  75. GitOps


    [Diagram labels: Developer, CI, CD, staging branch, master branch, (staging), (production), Staging, Production]

  76. Future of Kubernetes
    Is Kubernetes becoming the de facto standard in the future?

  77. KubeCon + CloudNativeCon
    KubeCon + CloudNativeCon Barcelona 2019 Call for Proposals (CFP) Is Open, CNCF, 2018-11-28
    (https://www.cncf.io/blog/2018/11/16/kubecon-barcelona-2019-call-for-proposals-cfp-is-open/)


  78. Managed Kubernetes Service
    2014-11  Google Kubernetes Engine
    2017-02  Azure Kubernetes Service
    2017-11  Amazon Elastic Container Service for Kubernetes

  79. Kubernetes for Enterprise

    Monzo Bank
    • Kubernetes + Linkerd (Service Mesh)
    Building a Modern Bank Backend, Monzo Bank Ltd, 2018-11-28
    (https://monzo.com/blog/2016/09/19/building-a-modern-bank-backend/)


  80. CNCF Standardization
    01. OCI v1.0
    02. CRI
    03. CSI
    04. CNI

  81. CNCF Community Presentation, CNCF, 2018 (https://github.com/cncf/presentations)


  82. Kubernetes



  84. https://bit.ly/cndt2019cfp
    Cloud Native Days Tokyo
    Japan Container Days
    @amsy810
    CFP

  85. Thank you for your attention
    follow me: @amsy810
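
Slides 32 to 36 stack one image ID per Dockerfile instruction. The following is an added example, not code from the talk: it recovers that stack from the classic-builder `docker build` log and flags steps that produced no image or whose intermediate container was never removed. The names `parse_build_log` and `audit` are chosen here; the log is the slide 36 output with the `...` elisions dropped.

```python
import re

# Classic-builder `docker build` output from slide 36 ("..." elisions dropped).
BUILD_LOG = """\
Sending build context to Docker daemon 252.9kB
Step 1/5 : FROM centos:7
---> 75835a67d134
Step 2/5 : RUN yum -y install epel-release
---> Running in 9db248fc7b9a
Removing intermediate container 9db248fc7b9a
---> 2fe5a7f8c007
Step 3/5 : RUN yum -y install nginx
---> Running in 0547bd920b0a
Removing intermediate container 0547bd920b0a
---> 843b47a96c5e
Step 4/5 : COPY nginx.conf /etc/nginx/
---> fe63b2d4c95d
Step 5/5 : ENTRYPOINT ["nginx", "-g", "daemon off;"]
---> Running in 876ee4d29339
Removing intermediate container 876ee4d29339
---> b5068171c053
"""

STEP = re.compile(r"^Step (\d+)/(\d+) : (.+)$")
ARROW = re.compile(r"^\s*---> (Running in )?([0-9a-f]{12})$")
REMOVED = re.compile(r"^Removing intermediate container ([0-9a-f]{12})$")

def parse_build_log(log):
    """One dict per step: instruction, temporary container, resulting image ID."""
    steps = []
    for line in log.splitlines():
        if m := STEP.match(line):
            steps.append({"n": int(m[1]), "total": int(m[2]), "instruction": m[3],
                          "container": None, "removed": False, "image": None})
        elif not steps:
            continue  # preamble such as "Sending build context ..."
        elif m := ARROW.match(line):
            # "---> Running in <id>" names a container, a bare "---> <id>" an image
            steps[-1]["container" if m[1] else "image"] = m[2]
        elif m := REMOVED.match(line):
            steps[-1]["removed"] = m[1] == steps[-1]["container"]
    return steps

def audit(steps):
    """Inconsistencies to resolve before treating the log as a layer record."""
    problems = []
    if not steps or len(steps) != steps[0]["total"]:
        problems.append("number of steps differs from the 'Step n/N' total")
    for s in steps:
        if s["image"] is None:
            problems.append(f"step {s['n']}: no resulting image ID")
        if s["container"] and not s["removed"]:
            problems.append(f"step {s['n']}: container {s['container']} not removed")
    return problems
```

`[s["image"] for s in parse_build_log(BUILD_LOG)]` gives the five IDs in the bottom-to-top order drawn on slide 36; a log cut off mid-step makes `audit` report the missing image and the leftover container.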
